From 6a40271789cf782d1fd655c1162d24b7bb8d497e Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Wed, 11 Nov 2009 21:56:10 +0000 Subject: [PATCH] * Wed Nov 11 2009 Dan Walsh 2.0.74-17 - Fix sandbox to setsid so it can run under mozilla without crashing the session --- policycoreutils-rhat.patch | 26 +++++++++++++------------- policycoreutils.spec | 5 ++++- 2 files changed, 17 insertions(+), 14 deletions(-) diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch index 33668ff..6152372 100644 --- a/policycoreutils-rhat.patch +++ b/policycoreutils-rhat.patch @@ -1874,27 +1874,27 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po +.PP diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/sandboxX.sh policycoreutils-2.0.74/sandbox/sandboxX.sh --- nsapolicycoreutils/sandbox/sandboxX.sh 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/sandbox/sandboxX.sh 2009-11-09 16:05:58.000000000 -0500 ++++ policycoreutils-2.0.74/sandbox/sandboxX.sh 2009-11-11 16:54:17.000000000 -0500 
@@ -0,0 +1,16 @@ +#!/bin/bash +export TITLE="Sandbox: `/usr/bin/tail -1 ~/.sandboxrc | /usr/bin/cut -b1-70`" +export SCREEN=`/usr/bin/xdpyinfo -display $DISPLAY | /bin/awk '/dimensions/ { print $2 }'` + +(/usr/bin/Xephyr -title "$TITLE" -terminate -screen 1000x700 -displayfd 5 5>&1 2>/dev/null) | while read D; do -+export DISPLAY=:$D -+/usr/bin/matchbox-window-manager -use_titlebar no & -+WM_PID=$! -+~/.sandboxrc & -+CLIENT_PID=$! -+wait $CLIENT_PID -+export EXITCODE=$? -+kill -TERM $WM_PID -+kill -HUP 0 -+break ++ export DISPLAY=:$D ++ /usr/bin/matchbox-window-manager -use_titlebar no & ++ WM_PID=$! ++ ~/.sandboxrc & ++ CLIENT_PID=$! ++ wait $CLIENT_PID ++ export EXITCODE=$? ++ kill -TERM $WM_PID ++ kill -HUP 0 ++ break +done diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/sandbox/seunshare.c policycoreutils-2.0.74/sandbox/seunshare.c --- nsapolicycoreutils/sandbox/seunshare.c 1969-12-31 19:00:00.000000000 -0500 -+++ policycoreutils-2.0.74/sandbox/seunshare.c 2009-11-09 16:05:58.000000000 -0500 ++++ policycoreutils-2.0.74/sandbox/seunshare.c 2009-11-11 16:54:05.000000000 -0500 @@ -0,0 +1,265 @@ +#include +#include @@ -2150,7 +2150,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po + perror("Failed to change dir to homedir"); + exit(-1); + } -+ ++ setsid(); + execv(argv[optind], argv + optind); + free(display); + perror("execv"); diff --git a/policycoreutils.spec b/policycoreutils.spec index ee3ccd0..7607627 100644 --- a/policycoreutils.spec +++ b/policycoreutils.spec @@ -6,7 +6,7 @@ Summary: SELinux policy core utilities Name: policycoreutils Version: 2.0.74 -Release: 16%{?dist} +Release: 17%{?dist} License: GPLv2+ Group: System Environment/Base Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz 
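Review bot: The added `setsid();` in the seunshare.c hunk, just before `execv(argv[optind], argv + optind)`, ignores its return value, so a failure goes unnoticed. setsid() fails with EPERM when the caller is already a process-group leader; in that case the sandboxed program would still run in the caller's session and keep its controlling terminal, which is the separation this change is meant to provide. Consider `if (setsid() < 0) { perror("setsid"); exit(-1); }`, matching the chdir error path directly above it. Whether this code runs in a forked child, where that failure cannot occur, is not visible here because the enclosing function starts and ends outside the hunk.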
@@ -296,6 +296,9 @@ fi exit 0 %changelog +* Wed Nov 11 2009 Dan Walsh 2.0.74-17 +- Fix sandbox to setsid so it can run under mozilla without crashing the session + * Mon Nov 9 2009 Dan Walsh 2.0.74-16 - Fix sandbox to use chcon - Fix semanage to report duplicate ports